package cn.itsource.shiro.authenticationFilter;

import cn.itsource.shiro.utils.LoginType;
import cn.itsource.shiro.utils.MyUsernamePasswordToken;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.web.filter.authc.FormAuthenticationFilter;

import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;

/**
 * @author xjh
 * @date 2020/3/30 18:38
 */
public class MyCrmAuthenticationFilter extends FormAuthenticationFilter {
    @Override
    protected boolean isAccessAllowed(ServletRequest request, ServletResponse response, Object mappedValue) {

        //对应options(预检)请求要放行   options请求是ajax跨域问题,不是shiro问题,只是shiro会把它拦截到,注意区分
        HttpServletRequest req = (HttpServletRequest) request;
        String method = req.getMethod();
        if ("OPTIONS".equalsIgnoreCase(method)) {
            return true;
        }
        return super.isAccessAllowed(request, response, mappedValue);
    }

    //新增方法
    @Override
    protected AuthenticationToken createToken(String username, String password, ServletRequest request, ServletResponse response) {
        boolean rememberMe = isRememberMe(request);
        String host = getHost(request);
        String loginType = LoginType.PASSWORD;//需要密码

        if(request.getParameter("loginType")!=null && !"".equals(request.getParameter("loginType").trim())){
            loginType = request.getParameter("loginType");
        }

        return new MyUsernamePasswordToken(username, password,rememberMe,loginType,host);
    }
}